daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

doc: tls: note that SSLv2 is disabled by default 

As of commit 39aa894, SSLv2 support is disabled by default.  Update
the documentation to reflect that.
pull/5010/head
Ben Noordhuis 2014-01-20 16:19:00 +01:00 committed by Fedor Indutny
parent 8c303115f5
commit 023f0a3122
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/api/tls.markdown
View File

@ -174,13 +174,14 @@ automatically set as a listener for the [secureConnection][] event. The
- `honorCipherOrder` : When choosing a cipher, use the server's preferences - `honorCipherOrder` : When choosing a cipher, use the server's preferences
instead of the client preferences. instead of the client preferences.
Note that if SSLv2 is used, the server will send its list of preferences
to the client, and the client chooses the cipher.
Although, this option is disabled by default, it is *recommended* that you Although, this option is disabled by default, it is *recommended* that you
use this option in conjunction with the `ciphers` option to mitigate use this option in conjunction with the `ciphers` option to mitigate
BEAST attacks. BEAST attacks.
Note: If SSLv2 is used, the server will send its list of preferences to the
client, and the client chooses the cipher. Support for SSLv2 is disabled
unless node.js was configured with `./configure --with-sslv2`.
- `requestCert`: If `true` the server will request a certificate from - `requestCert`: If `true` the server will request a certificate from
clients that connect and attempt to verify that certificate. Default: clients that connect and attempt to verify that certificate. Default:
`false`. `false`.